IDMEF Plugin

[Timothy Lelesi <lelesi () aero org>]

What is the current status of the IDMEF Plugin?

I noted that "--enable-idmef" is no longer a complile option in version
2.0.0.  

Given this, after sorting through the various versions, I installed
1.9.0 from Silicon Defense which incorporates the IDMEF Plugin.  I
installed all the requisite software:  idmef, xml2, ntp.  I enabled the
plugin and got no apparent errors upon loading Snort.  However, upon
reception of traffic, Snort seg faults.  When I turn off the IDMEF
Plugin, I don't get any seg faults.

I also tried installing version 1.8.7.  However, as noted in a previous
post from Andrew Walther, I also get a libidmef not found error when I
run Snort's ./configure.  


Tim


-------------------------------------------------------
This SF.net email is sponsored by: ObjectStore.
If flattening out C++ or Java code to make your application fit in a
relational database is painful, don't do it! Check out ObjectStore.
Now part of Progress Software. http://www.objectstore.net/sourceforge
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users